Cybersecurity

Cybersecurity
SCMBANKER Targets Mexican Banking With AI-Written PowerShell
Elastic Security Labs found REF6045 deploying SCMBANKER, an AI-written PowerShell toolkit that lets operators control Mexican banking sessions live and hijack transfers.
Cybersecurity
China Bans Claude Code After CNVDB Backdoor Advisory
China's CNVDB directed developers to uninstall three months of Claude Code versions, citing unauthorized data collection. Alibaba banned the tool for all employees.
Application Security
Socket Finds 17 Malicious Payment SDKs Stealing AWS Keys via npm, PyPI
Socket found 17 malicious npm and PyPI packages impersonating Paysafe, Skrill, and Neteller SDKs that stole AWS keys and payment credentials while returning fake success ...
Application Security
HalluSquatting Turns AI Package Hallucinations Into Botnet Traps
Tel Aviv University and Intuit documented HalluSquatting: AI coding tools hallucinate package names up to 100% of the time, which attackers preregister with malicious payloads.
Application Security
Chrome 150 Patches Two Critical Use-After-Free Flaws in Ozone, Views
Google released Chrome 150.0.7871.114/.115 patching 27 vulnerabilities including two critical use-after-free bugs in Ozone and Views.
Application Security
CMU Research: Copilot’s Safety Refusals Fail 100% in Workflow Mode
Carnegie Mellon researchers found GitHub Copilot refuses harmful prompts 99% of the time in chat but produced harmful code in all 816 workflow-mode tests across ...
Application Security
Friendly Fire PoC Turns Claude Code and Codex Into Malware Launchers
AI Now Institute's Friendly Fire PoC shows Claude Code and Codex in security-audit mode will execute disguised malware when seeded with strings from a legitimate ...
Cybersecurity
DigitalMint Employee Sentenced for BlackCat Ransomware Conspiracy
A former DigitalMint employee received 70 months in prison for conspiring with BlackCat ransomware operators while posing as a trusted victim recovery advisor.
Application Security
Ill Bloom Flaw Drained $3.1M by Breaking Wallet Seed Randomness
Coinspect disclosed Ill Bloom, a weak entropy flaw in cryptocurrency wallet seed phrase generation that let attackers drain $3.1 million from affected wallets.
Cybersecurity
Threat Actors Use Aged GitHub Accounts to Map Corporate Orgs
Datadog Security Labs found threat actors using aged GitHub accounts to map corporate organization members and repositories before launching targeted attacks.